On 17 May 2021, at 22:19, Christopher Schultz wrote:
> Leo,
>
> On 5/15/21 21:16, leo wrote:
>> Hi Folks
>>
>> In a small scale personal project served by Tomcat I record things per
>> logged-in user. The user is available as an attribute to Tomcat’s session
>> objects. In the JSP pages I retrieve the session object *through Java* like
>> this
>>
>> <%
>> HttpSession session = request.getSession();
>> ...
>> user = (String)session.getAttribute("user");
>> ...
>> %>
>>
>> Then later on these pages *in the JavaScript* part I have:
>>
>> <script type="text/javascript">
>> var user = "<%=user%>"
>> ...
>> </script>
>>
>> In the JavaScript part I then do something with the *JavaScript* variable
>> `user`.
>>
>> I now would like to move away from JSP to normal HTML pages (stills served
>> by Tomcat with the session backend)
>>
>> Question: Can I get the content of the session object in pure JavaScript?
>> Can I somehow configure Tomcat to put the session info in some page headers
>> or similar so that JavaScript can read it directly?
>
> If you want to switch to javascript, you'll probably want to make an
> XMLHttpRequest from your js code on the client to your Tomcat server. Have
> the server's response be something in JSON. Feel free to pass the whole
> session (which I wouldn't recommend) or just what you need. Perhaps you could
> create an API call like /user/info which returns a JSON object representing
> the user:
>
> {
> "username" : "leo",
> "timezone" : "America/Chicago",
> "first" : "Leo",
> "last" : "Tomcat"
> }
>
> Short of dumping the whole session data into the HTML page (which is ugly,
> wasteful, and potentially dangerous), the above is probably your best bet.
>
> -chris
That’s probably the way to go.
Thanks a lot for chiming in here!
Leo
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org